Set-Cookie: PHPSESSID=82il85esafo7o6mkl0hk9q0i53; path=/; domain=.lexware-hausverwalter.de; secure; HttpOnly
Date: Tue, 14 Nov 2017 01:21:10 GMT
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com; img-src 'self' *.econda-monitor.de *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com *.googleadservices.com *.google-analytics.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.doubleclick.net; font-src 'self' *.googleapis.com *.gstatic.com *.typekit.net data:; style-src 'self' 'unsafe-inline' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com; script-src 'self' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com *.googleadservices.com *.google-analytics.com;
Content-Type: text/html
Strict-Transport-Security: max-age=31536000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-WebKit-CSP: default-src 'self' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com; img-src 'self' *.econda-monitor.de *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com *.googleadservices.com *.google-analytics.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.doubleclick.net; font-src 'self' *.googleapis.com *.gstatic.com *.typekit.net data:; style-src 'self' 'unsafe-inline' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com; script-src 'self' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com *.googleadservices.com *.google-analytics.com;
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
HTTP/1.1 200 OK
Pragma: no-cache
X-Content-Security-Policy: default-src 'self' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com; img-src 'self' *.econda-monitor.de *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com *.googleadservices.com *.google-analytics.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.doubleclick.net; font-src 'self' *.googleapis.com *.gstatic.com *.typekit.net data:; style-src 'self' 'unsafe-inline' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com; script-src 'self' *.typekit.net *.msn.com *.bing.com *.google.com *.google.de *.googleapis.com *.gstatic.com *.adroll.com *.adnxs.com *.googleadservices.com *.google-analytics.com;